Companies routinely take out property and casualty (P&C) insurance to protect themselves against the risk of damage caused by fire, theft, storm, or any of a number of accidents. But few have stopped to consider whether business risks—which may have a far greater impact on shareholder value—can be transferred to a third party in the same way. Failed product launches, rogue trading, and regulatory changes, to name but a few business risks, can seriously damage a company’s profitability. Yet most companies still regard these as the inevitable, uninsurable perils of entrepreneurialism.

A handful of companies, both public and privately owned, take a different view. They use business risk insurance to preserve or even increase shareholder value in terms of return on equity (ROE) by protecting the cashflow, reducing the amount of capital tied up in the business, or improving their financing terms. In essence, they see business risk insurance as a new and efficient source of capital.

The instruments they use are radically different from most insurance products available today. Yet the concept remains the same: financial risk is transferred to a third party, for a certain price. What is being redefined is the boundary between transferable risk and the risk a company and its shareholders are expected to carry.

Rethinking risk management

The emergence of business risk insurance follows moves by many companies to rethink the way they manage their traditional P&C risks in order to enhance shareholder value.

US corporations, for example, set aside on average 1 to 3 percent of their total revenues to cover risk, most of it in the form of traditional insurance premiums. Yet many discover that premium payments made over the years are higher than any damage compensation they receive. As a cheaper alternative, some are retaining portions of their traditional insurance risk, particularly those risks for which it is possible to calculate the maximum possible loss. They do this either through self-insurance (by having no insurance, in other words—the company simply meets costs with its own cash), or by setting up self-insurance vehicles such as captive or "rent a captive" companies that have access to cheaper wholesale insurance rates and whose profits belong to the parent company.

The result has been a significant drop in the premiums corporations pay to cover traditional insurance risks. Fifteen to 20 percent of total insurance cover is already provided by retention—a figure that will probably double in a decade. In addition, companies now find themselves in a stronger bargaining position with insurance providers anxious not to lose any more business. (As a consequence, there has been a substantial drop in the cost of the insurance cover that still goes through the wholesale P&C market.)

The logical next step in this quest for shareholder value is for companies to consider not only how to spend less protecting themselves against traditional risks, but also how to spend better by insuring their business risks.

Cases abound of the drastic impact business risk can have on shareholder value. In 1992, the German technology conglomerate Metallgesellschaft suffered a one-off treasury loss of $500 million from trading in oil derivative contracts. In March 1997, the chemicals company Hoechst, also German, revealed that a product recall and unexpected restructuring charges would cost it $400 million. Other infamous examples include Philip Morris, forced to slash the price of Marlboro cigarettes for four months to win back market share from cheaper private-label rivals; Barings, the British merchant bank that collapsed because of massive unauthorized trading by one employee; and EuroDisney, a highly leveraged project that initially failed to earn expected returns.

The damage each incident caused to shareholder value in terms of ROE could have been at least partly contained by an insurance policy. Such a policy might even have helped support the stock value of some of the companies concerned. But the value of business risk insurance is not just hypothetical, as some companies can already attest.

Components of business risk insurance

Traditional actuarial techniques are inappropriate in insuring business risk. Unlike common P&C risks, business risks are often unique to a company, which means they are hard to assess statistically and difficult to spread. To insure this type of risk, something radically different is needed.

The solution lies in bancassurance. In the world of business risk, bancassurance integrates banking and insurance at the product level (unlike bancassurance in retail or private-line business, where insurers and banks mainly exchange distribution channels in order to save costs and offer customers one-stop shopping). Techniques borrowed from both industries are combined in hybrid instruments in innovative ways.

Business risk insurance programs are tailor-made for each client (and are currently available only to wholesale clients with the necessary technical skills). But they usually package together some of the following features:

Risk distribution over several years. Since business risks are normally large, and distribution is not possible, the risk is spread over time instead. Unlike traditional insurance coverage, which requires the payment of an annual premium that rises steeply the following year if a claim is made, a client insuring business risk pays annual premiums of a fixed amount over several years. These multiyear programs (so-called "finite" insurance) cover the client from the outset. If no damage occurs, the insurer usually reimburses the client a significant part of the premiums it has paid at the end of a fixed period. If the insurer has to make a loss payment, it takes a credit risk on the outstanding premium payments, just as a bank does if it lends money.

Asset management. Asset management becomes important because funds are often accumulated over the years to help cover potential loss payments. Insurers involved in business risk insurance therefore tend to expand their asset management businesses.

Risk partnership. Because business risks can be influenced by management, incentive mechanisms are created to enable the insured to benefit if no claims are made. A large proportion of the initial premium might be reimbursed, for example.

But partnership extends beyond installing safeguards. The relationship between the insurer and the insured is closer than usual because of the long-term nature of their agreement. It also tends to be more equal: both sides participate in the downside, and sometimes the upside, of the risk. In effect, the insurer becomes an investment partner.

Insurance cover can be considered an investment from which the insurer hopes to earn interest

An insurer might, for example, agree to cover a company for a slower-than-expected payback from its investments in the case of one in five product launches. In return, the contract would entitle the insurer to a percentage of the rewards from successful launches. In this way, the insurance cover can be considered an investment from which the insurer hopes to earn interest. The insurer might even agree to provide equity in certain circumstances—perhaps to a company with a low capital base that wishes to protect itself against the financial consequences of a possible liability suit.

Innovative risk evaluation. Business risk insurance combines various risk evaluation techniques. In the case of risks that are difficult to record statistically, option pricing models used to calculate the price of financial derivatives are applied. To assess a client’s creditworthiness, business risk insurers do not simply look at the company’s financial ratios, as a bank would, but use actuarial techniques that produce a better understanding (and pricing) of credit risk.

Risk portfolio management. Because the law of large numbers cannot be applied to business risks, insurers apply risk portfolio management techniques similar to those used by hedge funds. Rather than assembling a portfolio of similar risks, the insurer builds a portfolio of unrelated risks. Individually, each risk is uncertain; overall, the portfolio is stable and predictable.

Securitization. Hitherto, securitization has been a banking activity. But business risk can also prove attractive to third-party investors, enabling insurers to securitize these risks either via a bank or by themselves. Even public placements are possible. Some companies already securitize catastrophe risks (such as earthquakes or hurricanes) through private or public placements. Given the capacity of today’s global financial markets (worth $50 trillion in 1996), there seems little reason to doubt that they could absorb a good deal of business risk. An average daily fluctuation of, say, 70 to 80 basis points would be equivalent to losses or gains of $350 to $400 billion—far in excess of the business risks corporations face.

Only a handful of insurance companies and investment banks currently have the expertise (often acquired through mergers or alliances) in commercial risk, corporate finance, and investment banking to offer clients business risk insurance. But many global companies in the insurance and banking worlds are showing keen interest in what could be a huge market.

How to use business risk insurance

Companies can use business risk insurance in three fundamental ways.

General earnings and balance sheet protection

Business risk insurance can be used to cover the type of risk that hits the profit and loss statement or balance sheet directly, such as raw material price volatility or the expropriation of a factory in a foreign country. One leading paper company took out a three-year policy to protect itself against volatile pulp prices. After the payment of an initial premium in the first year, the insurer guaranteed payments to the client, up to a certain limit, each time the price of pulp rose above an agreed level. In accordance with the notion of risk partnership, the paper company also agreed to make payments to the insurer should prices fall, again up to a fixed amount. At the end of the three years, the various payments were assessed and redistributed on the basis of an agreed profit-sharing formula.

The policy contained bancassurance elements: the insurer accepted a credit risk and used option-pricing techniques usually applied only by banks. It was the kind of protection that commands a certain price—but it was a price the paper company was prepared to pay to cover itself against high pulp costs, and so guarantee stable earnings and a steady return on equity for shareholders. The absence of any appropriate financial derivatives for pulp meant the company was unable to hedge a considerable business risk in any other way.

Reduction of capital needs

Business risk insurance can be used to replace capital provisions that would otherwise tie up capital

Business risk insurance can be used to replace capital provisions that would otherwise tie up capital. One leading asset manager with high revenues and extensive assets under management but low capitalization used it to protect itself against rogue trading that could have led to losses far in excess of its capital. In return for a "standby" premium, the insurer guaranteed to inject equity if and when needed, and at an attractive price.

The first advantage for the client and its shareholders was the security of knowing that the company would have been able to raise equity at the very moment when most other capital providers would have shied away. Paradoxically, the company could even have improved its debt to equity ratios in the middle of a financial crisis. Second, paying a standby premium that guaranteed capital should it be needed was a cheaper option than actually raising the capital and having it tied up in the business just in case. Third, the company still had the capacity to raise finance for other, more productive business purposes if it wanted to.

Two key bancassurance techniques made such a deal feasible. First, the whole program was packaged as an equity put option, whereby the premium gave the client the right to place new equity with the insurer. Second, the insurer gave the customer equity in the same way as an investment bank would have done.

In another deal, an airline used business risk insurance to shed from its balance sheet a provision of $70 million for its employees’ compensation plan. The insurer arranged letters of credit from the bank to replace the funds, should they be needed; the bank agreed to issue the LOCs because the insurer itself guaranteed repayment of funds extended to the airline; and the airline pledged assets (including aircraft, engines, and flight simulators) to the insurer. By replacing the provision with a tailor-made insurance policy, the airline was able to use the $70 million to repay expensive loans and reduce its overall capital costs.

The arrangement was an unusual one. In general, insurers would not arrange an LOC, nor accept those kinds of asset as collateral, and no bank would put aircraft on its balance sheet as the insurance company did in this instance.

Improved financing capacity

If business risk insurance is used to cover expected cashflows from an investment project or a product launch, it can be easier and cheaper to raise finance, whether for an infrastructure project, a merger or acquisition, or a venture capital project.

One North American utility struggled to raise funds for a hydroelectric project because cashflow in the early years depended on the quantity of rainfall. A ten-year business risk insurance policy guaranteed cashflow regardless of rainfall. As a result, the utility was able to raise an extra 25 percent outside capital, and on better terms. This enabled it to reduce the required equity stake in the project, thus improving shareholders’ ROE even after insurance costs had been taken into account. To clinch the deal, the insurer had to take on a credit risk, as the utility was expected to pay premiums over ten years, and it also had to understand the project finance industry—usually investment banks’ domain.

What to insure

There is an unmistakable trend toward reducing shareholder risk. Not so many years ago, it was unusual for a company to protect itself against foreign exchange or interest rate risk. Today, almost every company does so. Furthermore, companies’ stock value may rise with the announcement of major provisions or even write-offs to cover important business risks, because they reduce uncertainty. In other words, institutional and private investors seem prepared to sacrifice some short-term benefit to safeguard longer-term rewards.

The same logic applies to the protected investment vehicles (such as funds that guarantee a certain return or cap the maximum loss) that have been so successful in Europe. It is reasonable to assume that many shareholders would welcome the opportunity to insure against certain business risks that threaten ROE.

Nevertheless, a sense of proportion is necessary. It is not possible to eliminate all business risk through insurance. For one thing, it would not be cost-effective. And corporate performance and shareholder value will always be determined primarily by how well a company conducts its core business. But, as the examples above illustrate, business risk insurance can efficiently protect or enhance some of the key drivers of ROE. The main issue for those considering business risk insurance is thus to decide exactly what to insure.

The first step entails a thorough assessment of the most important business risks in terms of ROE. The assessment will consider risks on both P&L statement and balance sheet, and determine how they are already reflected in the company’s financial structure (via provisions or reserves, for example), or how, if the risks are not already covered, they might affect ROE. Such an analysis will prompt managers to consider in detail the risk to their business of, say, a consumer boycott, a strike, a fall in R&D productivity, unexpected restructuring costs, or credit risks.

The second step determines which of these risks to insure, and which to keep. There is no formula for distinguishing between the two. A pharmaceutical company might want to carry the risk of a temporary consumer boycott of gene-manipulated products, or of restructuring costs after an acquisition, but prefer to be insured against the risk of having to pay environmental compensation, or the risk of the Federal Drug Administration delaying approval of a new drug. Despite the lack of ground rules, however, there are ways of classifying risk that might help managers work out how to draw a line between the core risks the company and its shareholders should carry, and those it is reasonable to outsource:

• Risk caused by internal versus external factors. Companies often appear willing to outsource the kind of risk that is governed by external factors over which they have limited control, such as credit default of accounts receivable or currency risks. But some companies are just as happy to insure themselves against internal problems, such as faulty goods that might prompt a product recall.
• Manageable versus unmanageable risks. The likelihood of rogue trading or an environmental accident can be reduced with appropriate management mechanisms. But even the most careful precautions cannot eliminate all risk, and companies may choose to take out insurance to give themselves added protection. It might be felt that companies should not go so far as to insure against poor management, but the growing interest in directors’ and officers’ liability insurance programs—which insure managers against lawsuits filed by disgruntled shareholders—shows how difficult it is to define what actually constitutes core risk.
• Extraordinary versus recurrent risk. Most business risk insurance covers extraordinary one-off risks, rather than recurrent risks. Exceptions are the risks associated with volatility and cyclicality.
• Core versus non-core competency. Companies are inclined to carry those risks that are linked to their core competencies (such as R&D, marketing, and brand building), not least because this is where most value is created. Business risks that are not regarded as core competencies—such as the risk of IT systems crashing come the millennium—are more likely candidates for outsourcing. Yet some companies have sought at least a degree of protection in areas that might be described as falling within their core competencies, such as product launches or acquisitions.
• Risks affecting the company’s well-being. Business risk insurance may be useful against one-off risks and against volatility and cyclicality, but insurers are not magicians. The effects of adverse events that damage a company’s health and jeopardize its future profitability and growth cannot be made to vanish. No insurer would be able to cover an airline against the risk of structural changes in the industry that threaten to slash the price of airline tickets, for example. Nor would an insurer want to protect an electronics company from technological changes that might render its products obsolete. Companies in such situations have to rely on their own competencies to overcome the challenges. At best, business risk insurance could help companies buy time to confront a problem—smoothing out the impact on their cashflow over three years, perhaps. This could be achieved by an insurance program that provides funds to acquire new technology or adapt machinery.

The third and final step in determining what to insure is a cost/benefit analysis of business risk insurance. As with conventional insurance, self-retention may prove the most cost-effective mechanism once the cost of the protection is weighed against the probability and impact of any damage. Companies wishing to shed reserves or provisions from their balance sheets will have to weigh the cost of insurance against the cost of raising capital. And every company should consider whether financing capacity and costs, particularly for individual projects or investments, can be improved by using well-targeted insurance programs.

The role of senior management

Most companies are happy for an internal risk manager to handle their standard insurance needs; few CEOs or CFOs take decisions about insurance for the car fleet or product liability. In the case of business risk, however, the potential impact on shareholder value means a great deal more is at stake. Business risk insurance calls for senior management’s attention, as well as the involvement of the board and sometimes shareholders.

First, senior managers need to participate in deciding which risks to insure. As discussed, this entails understanding the key drivers of ROE and their exposure to risk, differentiating between core risks and risks that can be outsourced, and performing a cost/benefit analysis of a business risk insurance policy.

Second, senior managers will need to discuss with investors the role of business risk insurance within the company. They will have to assess how sensitive their investors are to risk, and how much they are willing to pay for protection. The chances are that once they understand its benefits, investors will welcome some business risk cover.

Last, senior managers need to consider the strategic implications of business risk insurance. Capturing new market opportunities invariably involves risks, particularly in a world of fresh geographic possibilities, shorter product life cycles, and new information technologies. Business risk insurance gives managers new ways of dealing with these risks, ultimately enabling them to make strategic decisions that are simultaneously bolder and safer.

CEOs and CFOs should rethink how they manage and allocate money in terms of insurance, the better to serve their shareholders. The challenge for each company lies in determining where to draw the line between risks that should be transferred to a third party and those that are the unavoidable trappings of entrepreneurialism.